Package oracle.iam.identity.usermgmt.api

Interface UserManager

public interface UserManager
The UserManager API exposes the methods to manage a user. To manage a user, it provides functionality to create, modify, enable, disable, delete, lock, unlock , getting/setting the challenge questions& answers , change/reset password of the user. It also provides the support for bulk modify, enable, disable, delete, lock and unlock user operations. Apart from basic user operations, there are proxy related operations to get user's proxy details and assign, remove and update the proxy of a user.
Author:
abhimanyu seth

  • Method Details

    • create

      UserManagerResult create(User user, boolean isRestCall) throws ValidationFailedException, AccessDeniedException, UserAlreadyExistsException, UserCreateException
      This method creates a user
      Parameters:
      user - This VO contains the attributes for the user to be created Challenge questions/answers could be passed in the same vo in key 'Challenge Questions Answers'; if client wants to set challenge questions/answers at the time of user creation
      isRestCall - It defines whether it a REST based call
      Returns:
      UserManagerResult containing the entity id of the user created in the repository.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserAlreadyExistsException - if the login id of the user is not available.
      UserCreateException - if the orchestration fails while creating the user.

    • create

      UserManagerResult create(User user) throws ValidationFailedException, AccessDeniedException, UserAlreadyExistsException, UserCreateException
      This method creates a user
      Parameters:
      user - This VO contains the attributes for the user to be created Challenge questions/answers could be passed in the same vo in key 'Challenge Questions Answers'; if client wants to set challenge questions/answers at the time of user creation.
      Returns:
      UserManagerResult containing the entity id of the user created in the repository.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserAlreadyExistsException - if the login id of the user is not available.
      UserCreateException - if the orchestration fails while creating the user.

    • create

      UserManagerResult create(User user, Map<String,Object> controls) throws ValidationFailedException, AccessDeniedException, UserAlreadyExistsException, UserCreateException
      This method creates a user it takes a Map of additional control parameters wihch could be used for performing additional opreration along with creating user.
      Parameters:
      user - This VO contains the attributes for the user to be created
      controls - This Map contains control parameters used for performing additional opreration along with creating user.
      Supported Control Parameters:
      • SendNotification - Boolean flag whether to send notification or not.
      • SendNotificationTo - Comma separated email address.
      Returns:
      UserManagerResult containing the entity id of the user created
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserAlreadyExistsException - if the login id of the user is not available.
      UserCreateException - if the orchestration fails for create operation.

    • modify

      UserManagerResult modify(String attributeName, Object attributeValue, User user) throws ValidationFailedException, AccessDeniedException, UserModifyException, NoSuchUserException, SearchKeyNotUniqueException
      This method updates an existing user, matching the specified search criteria, with the values specified.
      Parameters:
      attributeName - - The attribute name for the search criteria.
      attributeValue - - The attribute value for the search criteria.
      user - The attributes and values to update the user with.
      Returns:
      UserManagerResult containing the entity id of the modified user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserModifyException - if the orchestration fails for modify operation.
      NoSuchUserException - if the specified search criteria doesn't returns a valid user
      SearchKeyNotUniqueException - if there is more than one user matching the search criteria.

    • modify

      UserManagerResult modify(User user) throws ValidationFailedException, AccessDeniedException, UserModifyException, NoSuchUserException
      This method updates the 'user' with the values in the passed VO.
      Parameters:
      user - The User VO containing the details of the user to be updated
      Returns:
      UserManagerResult containing the entity id of the modified user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserModifyException - if the orchestration fails for modify operation.
      NoSuchUserException - if the specified search criteria doesn't returns a valid user.

    • modify

      UserManagerResult modify(ArrayList<String> userIDs, HashMap<String,Object> args, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserModifyException, NoSuchUserException
      Modifies users in bulk. The profile of all users added in the userIDs list are updated with value of all bulk modifiable attribute specified in the map.
      Parameters:
      userIDs - The ids of the users whose profiles are to be updated. The isUserLogin flag will decide what does userID contains. *
      args - The common set of attributes and values to update the users with.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserModifyException - if the orchestration fails for modify operation.
      NoSuchUserException - if the user with given key is not found.

    • delete

      UserManagerResult delete(String userID, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserDeleteException, NoSuchUserException
      Marks the user as deleted. This is a soft delete operation and will not remove the user from the data store.
      Parameters:
      userID - The id of the user to be marked for deletion. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the entity id of the deleted user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserDeleteException - if the orchestration fails for delete operation.
      NoSuchUserException - if the user with given key is not found.

    • delete

      UserManagerResult delete(String attributeName, Object attributeValue) throws ValidationFailedException, AccessDeniedException, UserDeleteException, NoSuchUserException, SearchKeyNotUniqueException
      Marks the user matching the specified search criteria as deleted. This is a soft delete operation and will not remove the user from the data store.
      Parameters:
      attributeName - - The attribute name for the search criteria.
      attributeValue - - The attribute value for the search criteria.
      Returns:
      UserManagerResult containing the entity id of the deleted user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserDeleteException - if the orchestration fails for delete operation.
      NoSuchUserException - if the user with given key is not found.
      SearchKeyNotUniqueException - if there is more than one user of the search criteria.

    • delete

      UserManagerResult delete(ArrayList<String> userIDs, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserDeleteException, NoSuchUserException
      Bulk delete operation. It will mark all specified users as deleted.
      Parameters:
      userIDs - The ids of the user to be marked for deletion. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserDeleteException - if the orchestration fails for delete operation.
      NoSuchUserException - if the user with given key is not found.

    • getDetails

      User getDetails(String userID, Set<String> retAttrs, boolean isUserLogin) throws AccessDeniedException, NoSuchUserException, UserLookupException
      Returns the profile details of the specified user.
      Parameters:
      userID - The id of the user who's details are required. The isUserLogin flag will decide what does userID contains.
      retAttrs - The list of attributes which are to be returned for each user.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      If the user exists then an 'User' object containing all the retAttrs of the user is returned otherwise NoSuchUserException exception is thrown.
      Throws:
      AccessDeniedException - if the logged-in user does not have the required authorization.
      NoSuchUserException - if the user does not exist.
      UserLookupException - if the user lookup operation fails.

    • getDetails

      User getDetails(String userID, Set<String> retAttrs, boolean isUserLogin, OperationContext opContext) throws AccessDeniedException, NoSuchUserException, UserLookupException
      Returns the profile details of the specified user.
      Parameters:
      userID - The id of the user who's details are required. The isUserLogin flag will decide what does userID contains.
      retAttrs - The list of attributes which are to be returned for each user.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      opContext - The context of the request.
      Returns:
      If the user exists then an 'User' object containing all the retAttrs of the user is returned otherwise NoSuchUserException exception is thrown.
      Throws:
      AccessDeniedException - if the logged-in user does not have the required authorization.
      NoSuchUserException - if the user does not exist.
      UserLookupException - if the user lookup operation fails.

    • getDetails

      User getDetails(String attributeName, Object attributeValue, Set<String> retAttrs) throws AccessDeniedException, NoSuchUserException, UserLookupException, SearchKeyNotUniqueException
      Returns the profile details of the specified user. Attribute list returned is controlled by the applciable authorizaton policies.
      Parameters:
      attributeName - - The attribute name for the search criteria.
      attributeValue - - The attribute value for the search criteria.
      retAttrs - The list of attributes which are to be returned for each user.
      Returns:
      If the user exists then an 'User' object containing all the retAttrs of the user is returned otherwise NoSuchUserException exception is thrown.
      Throws:
      AccessDeniedException - if the logged-in user does not have the required authorization.
      NoSuchUserException - if the user does not exist.
      UserLookupException - if the user lookup operation fails.
      SearchKeyNotUniqueException - if there is more than one user of the search criteria

    • getTotalCount

      long getTotalCount(SearchCriteria criteria) throws AccessDeniedException, UserSearchException
      Searches for users matching the specified SearchCriteria.
      Parameters:
      criteria - The search criteria based on which entries will be retrieved from the backend. The SearchCriteria Operators supported are AND, OR, NOT, GREATER_THAN, GREATER_EQUAL, LESS_THAN, LESS_EQUAL, EQUAL and NOT_EQUAL. For additional comparisons like contains the SearchCriteria Operator will be EQUAL with value to be searched will be '*<value>*'
      Returns:
      Total count of users according to the provided filter and permission of logged in user
      Throws:
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserSearchException - if the user search operation fails.

    • search

      List<User> search(SearchCriteria criteria, Set<String> retAttrs, HashMap<String,Object> configParams) throws AccessDeniedException, UserSearchException
      Searches for users matching the specified SearchCriteria.
      Parameters:
      criteria - The search criteria based on which entries will be retrieved from the backend. The SearchCriteria Operators supported are AND, OR, NOT, GREATER_THAN, GREATER_EQUAL, LESS_THAN, LESS_EQUAL, EQUAL and NOT_EQUAL. For additional comparisons like contains the SearchCriteria Operator will be EQUAL with value to be searched will be '*<value>*'
      retAttrs - The list of attributes which are to be returned for each user. The list will be further filtered based on the authroization policies.
      configParams - Parameters to further configure the search operation. There are four configuration parameters. STARTROW, ENDROW, SORTEDBY and SORTORDER.

      The STARTROW and ENDROW search configuration parameters indicates which subset of the complete search result is to be fetched. These parameters are mandatory.

      The SORTEDBY search configuration parameter indicates the attribute on which search result is to be sorted. This parameter is optional and is set to 'User Login' by default.

      The SORTORDER search configuration parameter indicates the order of sorting. There are two possible values for this parameter. To sort the result in ascending order use SortOrder.ASCENDING and to sort the result in descending order use SortOrder.DESCENDING. This parameter is optional and is set to SortOrder.ASCENDING by default.

      Returns:
      the list of users which matched the search criteria. This list is filtered based on the attribute and entity permissions of the logged-in User.
      Throws:
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserSearchException - if the user search operation fails.

    • isUserManager

      boolean isUserManager(String usrKey)
      Checks if usrKey is a manager
      Parameters:
      usrKey -
      Returns:
      boolean value true or false

    • enable

      UserManagerResult enable(String userID, boolean isUserLogin, boolean isRestCall) throws ValidationFailedException, AccessDeniedException, UserEnableException, NoSuchUserException
      Enables the user account.
      Parameters:
      userID - The id of the user to be enabled. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      isRestCall - This flag is true for REST calls
      Returns:
      UserManagerResult containing the entity id of the enabled user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserEnableException - if the orchestration fails for enable operation.
      NoSuchUserException - if the user with given userID is not found.

    • enable

      UserManagerResult enable(String userID, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserEnableException, NoSuchUserException
      Enables the user account.
      Parameters:
      userID - The id of the user to be enabled. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the entity id of the enabled user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserEnableException - if the orchestration fails for enable operation.
      NoSuchUserException - if the user with given userID is not found.

    • enable

      UserManagerResult enable(String attributeName, Object attributeValue) throws ValidationFailedException, AccessDeniedException, UserEnableException, NoSuchUserException, SearchKeyNotUniqueException
      Enables the user matching the search criteria.
      Parameters:
      attributeName - - The attribute name for the search criteria.
      attributeValue - - The attribute value for the search criteria.
      Returns:
      UserManagerResult containing the entity id of the user to be enabled.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserEnableException - if the orchestration fails for enable operation.
      NoSuchUserException - if the user matching the search criteria is not found.
      SearchKeyNotUniqueException - if there is more than one user found with the search criteria provided.

    • enable

      UserManagerResult enable(ArrayList<String> userIDs, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserEnableException, NoSuchUserException
      Bulk enable operation. Enables the specified users.
      Parameters:
      userIDs - The ids of the user to be enabled. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserEnableException - if the orchestration fails for enable operation.
      NoSuchUserException - if the user with given userID is not found.

    • disable

      UserManagerResult disable(String userID, boolean isUserLogin, boolean isRestCall) throws ValidationFailedException, AccessDeniedException, UserDisableException, NoSuchUserException
      Disables the user.
      Parameters:
      userID - The id of the user to be disabled. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      isRestCall - This sets to true if it is a REST call
      Returns:
      UserManagerResult containing the entity id of the disabled user.
      Throws:
      ValidationFailedException - is thrown if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserDisableException - if the orchestration fails for disable operation.
      NoSuchUserException - if the user with given userID is not found.

    • disable

      UserManagerResult disable(String userID, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserDisableException, NoSuchUserException
      Disables the user.
      Parameters:
      userID - The id of the user to be disabled. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the entity id of the disabled user.
      Throws:
      ValidationFailedException - is thrown if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserDisableException - if the orchestration fails for disable operation.
      NoSuchUserException - if the user with given userID is not found.

    • disable

      UserManagerResult disable(String attributeName, Object attributeValue) throws ValidationFailedException, AccessDeniedException, UserDisableException, NoSuchUserException, SearchKeyNotUniqueException
      Disables the user account matching the search criteria.
      Parameters:
      attributeName - - The attribute name for the search criteria.
      attributeValue - - The attribute value for the search criteria.
      Returns:
      UserManagerResult containing the entity id of the disabled user.
      Throws:
      ValidationFailedException - is thrown if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserDisableException - if the orchestration fails for disable operation.
      NoSuchUserException - if the user matching the search criteria is not found.
      SearchKeyNotUniqueException - if more than one user is found as per the defined the search criteria.

    • disable

      UserManagerResult disable(ArrayList<String> userIDs, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserDisableException, NoSuchUserException
      Bulk disable operation. Disables the specified users.
      Parameters:
      userIDs - The ids of the user to be disabled. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserDisableException - if the orchestration fails for disable operation.
      NoSuchUserException - if the user with given userID is not found.

    • lock

      UserManagerResult lock(String userID, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserLockException, NoSuchUserException
      Locks the OIM user.
      Parameters:
      userID - The id of the user to be locked. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the entity id of the locked user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserLockException - if the orchestration fails for lock operation.
      NoSuchUserException - if the user with given userID is not found.

    • lock

      @Deprecated UserManagerResult lock(String userID, boolean manualFlag, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserLockException, NoSuchUserException
      Deprecated.
      Please see lock(String, boolean)
      Parameters:
      userID - The id of the user to be locked. The isUserLogin flag will decide what does userID contains.
      manualFlag - The flag is ignored and admin lock will be performed always.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the entity id of the locked user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserLockException - if the orchestration fails for lock operation.
      NoSuchUserException - if the user with given userID is not found.

    • lock

      UserManagerResult lock(String attributeName, Object attributeValue) throws ValidationFailedException, AccessDeniedException, UserLockException, NoSuchUserException, SearchKeyNotUniqueException
      Locks the OIM user(s) matching the search criteria.
      Parameters:
      attributeName - - The attribute name for the search criteria.
      attributeValue - - The attribute value for the search criteria.
      Returns:
      UserManagerResult containing the entity id of the locked user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserLockException - if the orchestration fails for lock operation.
      NoSuchUserException - if the user with given userID is not found.
      SearchKeyNotUniqueException - if there is more than one user of the search criteria.

    • lock

      @Deprecated UserManagerResult lock(String attributeName, Object attributeValue, boolean manualFlag) throws ValidationFailedException, AccessDeniedException, UserLockException, NoSuchUserException, SearchKeyNotUniqueException
      Deprecated.
      Please see lock(String, Object)
      Parameters:
      attributeName - The attribute name for the search criteria.
      attributeValue - The attribute value for the search criteria.
      manualFlag - The flag is ignored and admin lock will be performed always
      Returns:
      UserManagerResult containing the entity id of the locked user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserLockException - if the orchestration fails for lock operation.
      NoSuchUserException - if the user with given userID is not found.
      SearchKeyNotUniqueException - if there is more than one user of the search criteria.

    • lock

      UserManagerResult lock(ArrayList<String> userIDs, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserLockException, NoSuchUserException
      Bulk lock operation, locks all the users specified.
      Parameters:
      userIDs - The ids of the user to be locked. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserLockException - if the orchestration fails for lock operation.
      NoSuchUserException - if the user with given userID is not found.

    • lock

      @Deprecated UserManagerResult lock(ArrayList<String> userIDs, boolean manualFlag, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserLockException, NoSuchUserException
      Deprecated.
      Please see lock(ArrayList<String>, boolean)
      Parameters:
      userIDs - The ids of the user to be locked. The isUserLogin flag will decide what does userID contains.
      manualFlag - The flag is ignored and admin lock will be performed always
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserLockException - if the orchestration fails for lock operation.
      NoSuchUserException - if the user with given userID is not found.

    • unlock

      UserManagerResult unlock(String userID, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserUnlockException, NoSuchUserException
      Unlocks the OIM user.
      Parameters:
      userID - The id of the user to be unlocked. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the entity id of the unlocked user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserUnlockException - if the orchestration fails for unlock operation.
      NoSuchUserException - if the user with given userID is not found.

    • unlock

      UserManagerResult unlock(String attributeName, Object attributeValue) throws ValidationFailedException, AccessDeniedException, UserUnlockException, NoSuchUserException, SearchKeyNotUniqueException
      Unlocks the OIM user matching the search criteria
      Parameters:
      attributeName - - The attribute name for the search criteria.
      attributeValue - - The attribute value for the search criteria.
      Returns:
      UserManagerResult containing the entity id of the unlocked user.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserUnlockException - if the orchestration fails for unlock operation.
      NoSuchUserException - if the user matching the search criteria is not found.
      SearchKeyNotUniqueException - if there is more than one user of the search criteria.

    • unlock

      UserManagerResult unlock(ArrayList<String> userIDs, boolean isUserLogin) throws ValidationFailedException, AccessDeniedException, UserUnlockException, NoSuchUserException
      Bulk unlock operation. Unlocks all the users specified.
      Parameters:
      userIDs - The ids of the user to be unlocked. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
      Throws:
      ValidationFailedException - if the validation during the orchestration process fails.
      AccessDeniedException - if the logged-in user does not have the required authorization.
      UserUnlockException - if the orchestration fails for unlock operation.
      NoSuchUserException - if the user with given userID is not found.

    • getCurrentProxies

      List<Proxy> getCurrentProxies(String userID, boolean isUserLogin) throws AccessDeniedException, NoSuchUserException, UserManagerException
      Returns the current proxy details of the specified user
      Parameters:
      userID - The ID of the user whose current proxies are required. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      List of proxy details for all current proxies associated with the specified user
      Throws:
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation.
      NoSuchUserException - If the user with given userID is not found.
      UserManagerException - If getCurrentProxies operation fails due some other reason.

    • getActiveProxies

      List<Proxy> getActiveProxies(String userID, boolean isUserLogin) throws AccessDeniedException, NoSuchUserException, UserManagerException
      Throws:
      AccessDeniedException
      NoSuchUserException
      UserManagerException

    • getPastProxies

      List<Proxy> getPastProxies(String userID, boolean isUserLogin) throws AccessDeniedException, NoSuchUserException, UserManagerException
      Returns the past proxy details of the specified user
      Parameters:
      userID - The id of the user whose past proxies are required. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      List of proxy details for all past proxies associated with the specified user
      Throws:
      AccessDeniedException - If the loggedUser does not have the required authorization to perform this operation.
      NoSuchUserException - If the user with given userID is not found.
      UserManagerException - If getPastProxies operation fails due some other reason.

    • changePassword

      @Deprecated void changePassword(String userID, char[] password, boolean isUserLogin, Locale locale, boolean setPasswordResetFlag) throws NoSuchUserException, AccessDeniedException, UserManagerException
      Deprecated.
      This API does not support option for email notification. The preferred way to do this is via changePassword(String, char[], boolean, Locale, boolean, boolean)
      changePassword(String, char[], boolean, Locale, boolean, boolean) Changes the user's password. This signature API is called in OAAM integrated env.
      Parameters:
      userID - The ID of the user whose password is to be changed. The isUserLogin flag will decide what does userID contains.
      password - New password
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      locale - If not null, this locale is used to throw translated exceptions (if any)
      setPasswordResetFlag - To identify whether the password reset flag should be reset or not. In case of OAAM scenario, this flag value should be false which should indicate not be reset the 'change password at next logon' flag in the database.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      AccessDeniedException - If logged-in user does not have permission to change the password of this user.
      UserManagerException - If there is an error while changing the user's password
      See Also:

    • changePassword

      @Deprecated void changePassword(String userID, char[] password, boolean isUserLogin) throws NoSuchUserException, AccessDeniedException, UserManagerException
      Deprecated.
      This API does not support option for email notification. The preferred way to do this is via changePassword(String, char[], boolean, boolean) Changes the user's password.
      Parameters:
      userID - The id of the user whose password is to be changed. The isUserLogin flag will decide what does userID contains.
      password - New password
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      AccessDeniedException - If logged-in user does not have permission to change the password of this user.
      UserManagerException - If there is an error while changing the user's password
      See Also:

    • changePassword

      @Deprecated void changePassword(String attributeName, Object attributeValue, char[] password) throws NoSuchUserException, AccessDeniedException, UserManagerException, SearchKeyNotUniqueException
      Deprecated.
      This API does not support option for email notification. The preferred way to do this is via changePassword(String, Object, char[], boolean) Changes the user's password.
      Parameters:
      attributeName - The attribute name for the search criteria to identify the user.
      attributeValue - The attribute value for the search criteria to identify the user.
      password - New password
      Throws:
      NoSuchUserException - If user with the given criteria does not exist.
      AccessDeniedException - If logged-in user does not have permission to change the password of this user.
      UserManagerException - If there is an error while changing password
      SearchKeyNotUniqueException - If there are more than one users found with the given search criteria.
      See Also:

    • getAllProxies

      List<Proxy> getAllProxies(String userID, boolean isUserLogin) throws AccessDeniedException, NoSuchUserException, UserManagerException
      Gets a list of the all the proxy for the given user
      Parameters:
      userID - The ID of the user whose proxies are required. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      List of proxy details for all proxies associated with the specified user
      Throws:
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation.
      NoSuchUserException - If user with given userID does not exist.
      UserManagerException - If getAllProxies operation fails due some other reason.

    • getAllProxiesToProxy

      List<Proxy> getAllProxiesToProxy(String userID, boolean isUserLogin) throws AccessDeniedException, NoSuchUserException, UserManagerException
      Gets a list of the all the proxy for the given user
      Parameters:
      userID - The ID of the user whose proxies are required. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      List of proxy details for all proxies associated with the specified user
      Throws:
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation.
      NoSuchUserException - If user with given userID does not exist.
      UserManagerException - If getAllProxies operation fails due some other reason.

    • addProxyForUser

      @Deprecated long addProxyForUser(String userID, long proxyUserKey, Date startDate, Date endDate, boolean isUserLogin) throws NoSuchUserException, RecursiveProxyException, UserManagerException, AccessDeniedException
      Deprecated.
      The preferred way to do this is via addProxyForUser(String, String, Date, Date, boolean)
      Adds/Sets proxy for user.The API internally consumes the SOA/BPEL UserMetadataService APIs. UserMetadataService provides the APIs for creating vacation rule which serves our purpose for proxy.
      Parameters:
      userID - The id of the user for which proxy is to be added. The isUserLogin flag will decide if userID contains the user login or the user key
      proxyUserKey - key of the user to be proxied.
      startDate - start date for the proxy.
      endDate - end date of the proxy.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      the proxy id in the table.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      RecursiveProxyException - if there is a recursive proxy.
      UserManagerException - If add proxy operation fails due some other reason.
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation

    • updateProxyForUser

      @Deprecated void updateProxyForUser(long pxdKey, Map attribute) throws NoSuchUserException, RecursiveProxyException, UserManagerException, AccessDeniedException
      Deprecated.
      The preferred way to do this is via updateProxyForUser(String, Map)
      Updates the proxy with key pxdKey Only proxy user, start date and/or end date can be modified for the given proxy. Original user cannot be modifed for a proxy. The values to be changed needs to be passed in the map as name value pairs. The API internally consumes the SOA/BPEL UserMetadataService APIs. UserMetadataService provides the APIs for creating vacation rule which serves our purpose for proxy.
      Parameters:
      pxdKey - key of the proxy whose details is to be updated.
      attribute - an attribute map of the fields to update:
      • pxyoriginaluserkey - to identify the original user. This field cannot be updated.
      • proxyuserkey - the new proxy user
      • proxystartdate - start date when the proxy takes effect
      • proxyenddate - end date when the proxy ends
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      RecursiveProxyException - If there is a recursive proxy.
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
      UserManagerException - If update proxy operation fails due some other reason.

    • removeAllProxiesForUser

      void removeAllProxiesForUser(String userID, boolean isUserLogin) throws NoSuchUserException, UserManagerException, AccessDeniedException
      Removes all proxies for user. Past Proxies cannot be deleted. In Progress Proxy are not deleted rather their end date is changed to today. The API internally consumes the SOA/BPEL UserMetadataService APIs. UserMetadataService provides the APIs for creating vacation rule which serves our purpose for proxy.
      Parameters:
      userID - The ID of the user whose proxies are to be removed. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
      UserManagerException - If update proxy operation fails due some other reason.

    • removeProxy

      @Deprecated void removeProxy(String userID, long proxyKey, Map<String,Object> attrMap, boolean isUserLogin) throws NoSuchUserException, UserManagerException, AccessDeniedException
      Deprecated.
      Please use removeProxy(String, String, boolean)
      Removes a single proxy (identified by key proxyKey) for the given user (identified by userID). The API internally consumes the SOA/BPEL UserMetadataService APIs. UserMetadataService provides the APIs for creating vacation rule which serves our purpose for proxy.
      Parameters:
      userID - The ID of the user whose proxy is to be removed. The isUserLogin flag will decide what does userID contains.
      proxyKey - The key of the proxy to be removed.
      attrMap - [Optional] The Map of attributes containing proxy details
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
      UserManagerException - If remove proxy operation fails due some other reason.

    • removeProxy

      @Deprecated void removeProxy(String userID, long proxyKey, boolean isUserLogin) throws NoSuchUserException, UserManagerException, AccessDeniedException
      Deprecated.
      Please use removeProxy(String, String, boolean) instead
      Removes a single proxy (identified by key proxyKey) for the given user (identified by userID). The API internally consumes the SOA/BPEL UserMetadataService APIs. UserMetadataService provides the APIs for creating vacation rule which serves our purpose for proxy.
      Parameters:
      userID - The ID of the user whose proxy is to be removed. The isUserLogin flag will decide what does userID contains.
      proxyKey - The key of the proxy to be removed.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
      UserManagerException - If remove proxy operation fails due some other reason.

    • addProxyForUser

      String addProxyForUser(String userID, String proxyUserID, Date startDate, Date endDate, boolean isUserLogin) throws NoSuchUserException, RecursiveProxyException, UserManagerException, AccessDeniedException
      Adds/Sets proxy for user in OIM. The API internally consumes the SOA/BPEL UserMetadataService APIs. UserMetadataService provides the APIs for creating vacation rule which serves our purpose for proxy.
      Parameters:
      userID - ID of the user for which proxy is to be added. The isUserLogin flag will decide if userID contains the user login or the entity ID.
      proxyUserID - ID of the user that is set as a proxy of the original user. The isUserLogin flag will decide if proxyUserID contains the user login or the entity ID.
      startDate - start date for the proxy.
      endDate - end date of the proxy.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains Entity ID (user key/user GUID).
      Returns:
      the unique identifier of the proxy created.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      RecursiveProxyException - if there is a recursive proxy.
      UserManagerException - If add proxy operation fails due some other reason.
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation.

    • updateProxyForUser

      void updateProxyForUser(String proxyID, Map attribute) throws NoSuchUserException, RecursiveProxyException, UserManagerException, AccessDeniedException
      Updates the proxy with ID proxyID Only proxy user, start date and/or end date can be modified for the given proxy. Original user cannot be modifed for a proxy. The values to be changed needs to be passed in the map as name value pairs.
      Parameters:
      proxyID - ID of the proxy for which details are to be updated.
      attribute - an attribute map of the fields to update:
      • Key as String with text "pxyOriginalUserEntityId" and VALUE as String representing the Orignal User Entity Id. This field cannot be updated.
      • Key as String with text "pxyProxyUserEntityId" and VALUE as String representing the New Proxy User Entity Id.
      • Key as String with text "proxystartdate" and VALUE as String representing Proxy New Start Date with format "MM/dd/yyyy".
      • Key as String with text "proxyenddate" and VALUE as String representing Proxy New End Date with format "MM/dd/yyyy".
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      RecursiveProxyException - If there is a recursive proxy.
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
      UserManagerException - If update proxy operation fails due some other reason.

    • removeProxy

      void removeProxy(String userID, String proxyID, boolean isUserLogin) throws NoSuchUserException, UserManagerException, AccessDeniedException
      Removes a single proxy (identified by ID proxyID) for the given user (identified by userID).
      Parameters:
      userID - The ID of the user whose proxy is to be removed. The isUserLogin flag will decide what does userID contains.
      proxyID - The ID of the proxy to be removed.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user's entity id.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
      UserManagerException - If remove proxy operation fails due some other reason.

    • generateUserName

      String generateUserName(Map<String,String> attrMap) throws UserNameGenerationException, UserManagerException
      Suggest a username based on OIM's default username policy.
      Parameters:
      attrMap - Map contains user attributes required to generate username.
      Returns:
      The generated username based on the default policy and user attributes
      Throws:
      UserNameGenerationException - If username generation operation fails due some reason.
      UserManagerException - If the operation fails due some other reason.

    • generateUserName

      String generateUserName(String policyID, Map<String,String> attrMap) throws UserNameGenerationException, UserManagerException
      Suggest a username based on the given username policy.
      Parameters:
      policyID - The ID (class name of policy) of the policy that will be used to generate username.
      attrMap - Map contains user attributes required to generate username.
      Returns:
      The generated username based on the given policy and user attributes
      Throws:
      UserNameGenerationException - If username generation operation fails due some reason.
      UserManagerException - If the operation fails due some other reason.

    • isUserNameValid

      boolean isUserNameValid(String userName, Map<String,String> attrMap) throws UserManagerException
      Check the validity of the given username based on default policy.
      Parameters:
      userName - The username that need to be validated.
      attrMap - Map contains user attributes required to generate username.
      Returns:
      True or false based on the validity of the user name as per the default policy
      Throws:
      UserManagerException - If the operation fails due some other reason.

    • isUserNameValid

      boolean isUserNameValid(String userName, String policyID, Map<String,String> attrMap) throws UserManagerException
      Check the validity of the given username based on given policy.
      Parameters:
      userName - The username that needs to be validated.
      policyID - The ID (class name of policy) of the policy that will be used to validate the username.
      attrMap - Map contains user attributes required to generate username.
      Returns:
      True or false based on the validity of the user name as per the given policy
      Throws:
      UserManagerException - If the operation fails .

    • getAllUserNamePolicies

      List<Map<String,String>> getAllUserNamePolicies(Locale locale) throws UserManagerException
      Gives the details of all the username policies configured in OIM.
      Parameters:
      locale - The locale in which policy description is needed.
      Returns:
      List containing all the policy details mentioned in a Map as:
      • policy_id - the ID of the policy
      • policy_name- the name of the policy
      • policy_description - the description of the policy
      Throws:
      UserManagerException - If the operation fails.

    • getPolicyDescription

      String getPolicyDescription(String policyID, Locale locale) throws UserManagerException
      Gives the details of the username policy configured in OIM with the given ID
      Parameters:
      policyID - The ID (class name of policy) of the Username generation policy for which description is required.
      locale - The locale in which policy description needed.
      Returns:
      The description of the policy with the given Id in the specified locale.
      Throws:
      UserManagerException - If the operation fails .

    • generateUserNameFromDefaultPolicy

      String generateUserNameFromDefaultPolicy(Map<String,Object> attrMap) throws UserNameGenerationException, UserManagerException
      Suggest a username based on OIM's default username policy.
      Parameters:
      attrMap - Map of <String,Object> contains user attributes required to generate username. Note: You can also pass multiple values (IMultiValueData) here.
      Returns:
      The generated username based on the default policy and user attributes
      Throws:
      UserNameGenerationException - If username generation operation fails.
      UserManagerException - If the operation fails due some other reason.

    • generateUserNameFromPolicy

      String generateUserNameFromPolicy(String policyId, Map<String,Object> attrMap) throws UserNameGenerationException, UserManagerException
      Suggest a username based on the given username policy.
      Parameters:
      policyId - The ID (class name of policy) of the policy that will be used to generate username.
      attrMap - Map of <String,Object> contains user attributes required to generate username. Note: You can also pass multiple values (IMultiValueData) here.
      Returns:
      The generated username based on the given policy and user attributes
      Throws:
      UserNameGenerationException - If username generation operation fails.
      UserManagerException - If the operation fails due some other reason.

    • isUserNameValidForDefaultPolicy

      boolean isUserNameValidForDefaultPolicy(String userName, Map<String,Object> attrMap) throws UserManagerException
      Check the validity of the given username based on default policy.
      Parameters:
      userName - The username that need to be validated.
      attrMap - Map of <String,Object> contains user attributes required to generate username. Note: You can also pass multiple values (IMultiValueData) here.
      Returns:
      True or false based on the validity of the user name as per the default policy
      Throws:
      UserManagerException - If the operation fails .

    • isUserNameValidForPolicy

      boolean isUserNameValidForPolicy(String userName, String policyId, Map<String,Object> attrMap) throws UserManagerException
      Check the validity of the given username based on specified policy.
      Parameters:
      userName - The username that needs to be validated.
      policyId - The ID (class name of policy) of the policy that will be used to validate the username.
      attrMap - Map of <String,Object> contains user attributes required to generate username. Note: You can also pass multiple values (IMultiValueData) here.
      Returns:
      True or false based on the validity of the user name as per the given policy
      Throws:
      UserManagerException - If the operation fails.

    • resetPassword

      void resetPassword(String userID, boolean isUserLogin) throws NoSuchUserException, UserManagerException, AccessDeniedException
      Resets the password of an user to a randomly generated password. As part of the password reset, a notification is sent to the user regarding the new password
      NOTE: The email attribute of the user must be set for reset password to work
      Parameters:
      userID - the userID of the user whose password is to be reset.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      UserManagerException - If there is an exception while performing the operation
      AccessDeniedException - If the logged in person is not authorized to perform the operation.

    • generatePassword

      String generatePassword(String userID, boolean isUserLogin) throws NoSuchUserException, UserManagerException, AccessDeniedException
      Generates the password of an user to a randomly generated password.
      Parameters:
      userID - the userID of the user whose password is to be reset.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      UserManagerException - If there is an exception while performing the operation
      AccessDeniedException - If the logged in person is not authorized to perform the operation.

    • resetPassword

      void resetPassword(String userID, boolean isUserLogin, boolean sendNotification) throws NoSuchUserException, UserManagerException, AccessDeniedException
      Resets the password of an user to a randomly generated password. As part of the password reset, a notification is sent to the user regarding the new password
      NOTE: The email attribute of the user must be set for reset password to work
      Parameters:
      userID - the userID of the user whose password is to be reset.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      sendNotification - Set to true if an email notification needs to be sent to the user whose password is changed
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      UserManagerException - If there is an exception while performing the operation
      AccessDeniedException - If the logged in person is not authorized to perform the operation.

    • resetPassword

      void resetPassword(String userID, boolean isUserLogin, Map<String,Object> controls) throws NoSuchUserException, UserManagerException, AccessDeniedException
      Resets user's existing password to a new automatically generated password It takes a Map control parameters to perform additional operation.
      Parameters:
      userID - the userID of the user whose password is to be reset.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      controls - The Map contains control parameters used for performing additional opreration along with reset password.
      Supported Control Parameters:
      • SendNotification - Boolean flag whether to send notification or not.
      • SendNotificationTo - Comma separated email address.
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      UserManagerException - If there is an exception while performing the operation
      AccessDeniedException - If the logged in person is not authorized to perform the operation.

    • changePassword

      void changePassword(String userID, char[] password, boolean isUserLogin, boolean sendNotification) throws NoSuchUserException, AccessDeniedException, UserManagerException
      Changes the user's password.
      Parameters:
      userID - The id of the user whose password is to be changed. The isUserLogin flag will decide what does userID contains.
      password - New password
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      sendNotification - Set to true if an email notification needs to be sent to the user whose password is changed
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      AccessDeniedException - If logged-in user does not have permission to change the password of this user.
      UserManagerException - If there is an error while changing the user's password

    • changePassword

      void changePassword(String userID, char[] password, boolean isUserLogin, Locale locale, boolean setPasswordResetFlag, boolean sendNotification) throws NoSuchUserException, AccessDeniedException, UserManagerException
      Changes the user's password. This signature API is called in OAAM integrated env.
      Parameters:
      userID - The ID of the user whose password is to be changed. The isUserLogin flag will decide what does userID contains.
      password - New password
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      locale - If not null, this locale is used to throw translated exceptions (if any)
      setPasswordResetFlag - To identify whether the password reset flag should be reset or not. In case of OAAM scenario, this flag value should be false which should indicate not be reset the 'change password at next logon' flag in the database.
      sendNotification - Set to true if an email notification needs to be sent to the user whose password is changed
      Throws:
      NoSuchUserException - If user with given userID does not exist.
      AccessDeniedException - If logged-in user does not have permission to change the password of this user.
      UserManagerException - If there is an error while changing the user's password

    • changePassword

      void changePassword(String attributeName, Object attributeValue, char[] password, boolean sendNotification) throws NoSuchUserException, AccessDeniedException, UserManagerException, SearchKeyNotUniqueException
      Changes the user's password.
      Parameters:
      attributeName - The attribute name for the search criteria to identify the user.
      attributeValue - The attribute value for the search criteria to identify the user.
      password - New password
      sendNotification - Set to true if an email notification needs to be sent to the user whose password is changed
      Throws:
      NoSuchUserException - If user with the given criteria does not exist.
      AccessDeniedException - If logged-in user does not have permission to change the password of this user.
      UserManagerException - If there is an error while changing password
      SearchKeyNotUniqueException - If there are more than one users found with the given search criteria.

    • getUsersAssigned

      List<User> getUsersAssigned(String adminRoleId, Set<String> retAttrs, HashMap<String,Object> configParams)
      Returns the list of User identities assigned to the admin-role
      Parameters:
      adminRoleId - role-key for the admin-role.
      retAttrs - the user attributes need to be returned
      configParams - the comfigparams.
      Returns:
      List of Users identity.

    • getUsersAssignedWithScope

      List<User> getUsersAssignedWithScope(String adminRoleId, Set<String> retAttrs, HashMap<String,Object> configParams, String scopeId)
      Returns the list of User identities assigned to the admin-role
      Parameters:
      adminRoleId - role-key for the admin-role.
      retAttrs - the user attributes need to be returned
      configParams - the comfigparams.
      scopeId - associated wtih admin role.
      Returns:
      List of Users identity.

    • getUserChallengeValues

      Map<String,Object> getUserChallengeValues(String userID, boolean isUserLogin) throws AccessDeniedException, UserManagerException
      API for system administrators to fetch challenge questions and masked answers for a given user. Challenge questions are returned as plain text. Challenge answers are returned as the literal string "********" to indicate the information is not publicly available even to a system administrator.
      Parameters:
      userID - The id of the user whose challenge questions and answers are to be fetched. The isUserLogin flag indicates if userID is the user login or the user key.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      Returns:
      Map of challenge questions and masked answers throws UserManagerException If there is an error while fecthing challenges throws AccessDeniedException if user invoking operation does not have system adminstrators role throws NoSuchUserException if given user does not exist
      Throws:
      AccessDeniedException
      UserManagerException

    • setUserChallengeValues

      void setUserChallengeValues(String userID, boolean isUserLogin, HashMap<String,Object> quesAnsMap) throws AccessDeniedException, UserManagerException
      API for system administrators to set/nuke challenge question and answer of a given user
      Parameters:
      userID - The id of the user whose challenge question and answer needs to be set. The isUserLogin flag will decide what does userID contains.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
      quesAnsMap - HashMap of challenge question and answers to override existing challenges If passed as empty HashMap, it would nuke the challenges of the given user throws UserManagerException If there is an error while fecthing challenges throws AccessDeniedException if user invoking operation does not have system adminstrators role throws NoSuchUserException if given user does not exist throws ValidationFailedException in case of any validation failure
      Throws:
      AccessDeniedException
      UserManagerException

    • getProxyDetails

      Map<String,Object> getProxyDetails(long pxdKey) throws UserManagerException
      API to return the proxy details for a given proxy id.
      Throws:
      UserManagerException